A recent cybersecurity report reveals an alarming increase in infostealer malware infections, impacting thousands of Australians and millions globally. As the report details, that uptick comes in part from a shocking spike in malicious programs. These threats are designed to steal sensitive information such as passwords, credit card information, and cryptocurrency wallets. Currently, over 58,000 devices in Australia are infected, adding to a record 31 million infections across the globe.
Infostealers concentrate their efforts on machines using Windows-based OSs, representing more than 90% of all infections. This new trend is especially alarming as it concerns the safety of personally identifiable information (PII) and financial data in the states impacted. Leonid Rozenberg, an expert in infostealer malware from Hudson Rock, has a succinct message for users: be vigilant. He warns that now is the time to shore up defenses against these dangers.
The Mechanisms of Infection
Infostealer infections usually arrive through several vectors, most of which depend on user actions. Phishing emails, shady ads, and dangerous downloads—such as torrents and pirated software—are typical gateways for these harmful programs. Cybercriminals like to hide the malware inside popular gaming mods or fake apps to trick people into downloading it.
Once installed on a device, infostealers work in the background. They are highly sophisticated and can grab passwords in real-time from users’ browsers and applications. They can steal your sensitive information, including credit card information and cryptocurrency wallet keys. They’re able to read local files and extensive browser data, including cookies, user history, and autofill data.
The recent rise in infostealer infections has been an onslaught. As recently as 2018, cybersecurity specialists were documenting only about 135,000 of these infections worldwide. Today, that number has exploded to 31 million.
The Target: Windows Operating Systems
As experts such as Mr. Rozenberg often state, the vast majority of infostealer infections take place on Windows-based systems. This trend is significant: it serves as evidence that attackers are starting to prioritize the creation of infostealers specifically designed for this operating system.
That’s why millions of users are still vulnerable when they surf the web or download software. Infostealers have been a staple since 2021. They remain a serious threat because they are still stealing massive amounts of data from compromised platforms. The reality of these infections makes it all the more imperative that we push for smart cybersecurity solutions.
Given how widespread these infections are, the implications are profound. Once a few million devices are compromised, attackers can find multiple ways to monetize stolen data. These days, many cybercriminals set up Telegram channels, where they sell stolen information directly. Access is expensive: a lifetime subscription is priced at between US$3,000 and US$10,000. This business model directly incentivizes the deployment of infostealers. It also engenders a toxic ecosystem in which a user's data is exchanged like a poker chip.
Monitoring and Mitigation Efforts
Jamie O’Reilly, the founder of Dvuln, has been indispensable in helping us keep track of this rapidly evolving infostealer malware landscape. He personally follows at least 100 Telegram groups trading data siphoned with infostealers. His research uncovers the black market that has sprouted around stolen credentials and personal identification, offering a look into the underground economy.
Organizations like our friends at Hudson Rock are making laudable efforts to counter this intensifying threat. Their analysis shows that at least 3.9 billion passwords have been stolen worldwide via infostealers alone. This unprecedented figure underscores the dire need for stronger security measures and greater user education and awareness.
As cyber threats evolve, so must our awareness of them and our protection against them. For example, experts point to the importance of keeping software up to date and suggest using only trusted third-party security products. Remember to be careful when clicking on links or downloading files from unknown sources. In this year’s TTX, we’ll work to increase your organization’s resilience against such insidious attacks.